Vulnerability CVE-2016-10162

Vulnerability Name:

CVE-2016-10162 (CCN-121891)

Assigned:

2017-01-19

Published:

2017-01-19

Updated:

2018-05-04

Summary:

The php_wddx_pop_element function in ext/wddx/wddx.c in PHP 7.0.x before 7.0.15 and 7.1.x before 7.1.1 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via an inapplicable class name in a wddxPacket XML document, leading to mishandling in a wddx_deserialize call.

CVSS v3 Severity:

7.5 High (CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)
6.5 Medium (Temporal CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C)

Exploitability Metrics:	Attack Vector (AV): Network Attack Complexity (AC): Low Privileges Required (PR): None User Interaction (UI): None
Scope:	Scope (S): Unchanged
Impact Metrics:	Confidentiality (C): None Integrity (I): None Availibility (A): High

5.3 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)
4.6 Medium (CCN Temporal CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:U/RL:O/RC:C)

Exploitability Metrics:	Attack Vector (AV): Network Attack Complexity (AC): Low Privileges Required (PR): None User Interaction (UI): None
Scope:	Scope (S): Unchanged
Impact Metrics:	Confidentiality (C): None Integrity (I): None Availibility (A): Low

CVSS v2 Severity:

5.0 Medium (CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P)

Exploitability Metrics:	Access Vector (AV): Network Access Complexity (AC): Low Authentication (Au): None
Impact Metrics:	Confidentiality (C): None Integrity (I): None Availibility (A): Partial

5.0 Medium (CCN CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P)

Exploitability Metrics:	Access Vector (AV): Network Access Complexity (AC): Low Athentication (Au): None
Impact Metrics:	Confidentiality (C): None Integrity (I): None Availibility (A): Partial

Vulnerability Type:

CWE-476

Vulnerability Consequences:

Denial of Service

References:

Source: MITRE
Type: CNA
CVE-2016-10162

Source: CCN
Type: PHP Web site
Version 7.0.15

Source: CONFIRM
Type: Release Notes, Vendor Advisory
http://php.net/ChangeLog-7.php

Source: CCN
Type: PHP Web site
PHP: Hypertext Preprocessor

Source: BID
Type: UNKNOWN
95668

Source: CCN
Type: BID-95668
PHP 'wddx.c' NULL Pointer Dereference Denial of Service Vulnerability

Source: SECTRACK
Type: UNKNOWN
1037659

Source: REDHAT
Type: UNKNOWN
RHSA-2018:1296

Source: CONFIRM
Type: Issue Tracking
https://bugs.php.net/bug.php?id=73831

Source: XF
Type: UNKNOWN
php-cve201610162-dos(121891)

Source: CONFIRM
Type: Issue Tracking, Patch, Third Party Advisory
https://github.com/php/php-src/commit/8d2539fa0faf3f63e1d1e7635347c5b9e777d47b

Source: CCN
Type: WhiteSource Vulnerability Database
CVE-2016-10162

Vulnerable Configuration:

Configuration 1:

cpe:/a:php:php:7.0.0:-:*:*:*:*:*:*

OR cpe:/a:php:php:7.0.1:-:*:*:*:*:*:*

OR cpe:/a:php:php:7.0.2:-:*:*:*:*:*:*

OR cpe:/a:php:php:7.0.3:-:*:*:*:*:*:*

OR cpe:/a:php:php:7.0.4:-:*:*:*:*:*:*

OR cpe:/a:php:php:7.0.5:-:*:*:*:*:*:*

OR cpe:/a:php:php:7.0.6:-:*:*:*:*:*:*

OR cpe:/a:php:php:7.0.7:-:*:*:*:*:*:*

OR cpe:/a:php:php:7.0.8:-:*:*:*:*:*:*

OR cpe:/a:php:php:7.0.9:-:*:*:*:*:*:*

OR cpe:/a:php:php:7.0.10:-:*:*:*:*:*:*

OR cpe:/a:php:php:7.0.11:-:*:*:*:*:*:*

OR cpe:/a:php:php:7.0.12:-:*:*:*:*:*:*

OR cpe:/a:php:php:7.0.13:-:*:*:*:*:*:*

OR cpe:/a:php:php:7.0.14:-:*:*:*:*:*:*

OR cpe:/a:php:php:7.1.0:-:*:*:*:*:*:*

Configuration CCN 1:

cpe:/a:php:php:7.0.14:-:*:*:*:*:*:*

OR cpe:/a:php:php:7.1.0:-:*:*:*:*:*:*

Denotes that component is vulnerable

Oval Definitions

Definition ID	Class	Title	Last Modified
oval:org.opensuse.security:def:201610162	V	CVE-2016-10162	2022-09-02
oval:org.opensuse.security:def:10439	P	Security update for SDL2 (Important) (in QA)	2022-01-12
oval:org.opensuse.security:def:9885	P	Security update for SDL2 (Important) (in QA)	2022-01-12
oval:org.opensuse.security:def:10710	P	Security update for the Linux Kernel (Important) (in QA)	2022-01-07
oval:org.opensuse.security:def:10372	P	Security update for aaa_base (Moderate)	2021-12-03
oval:org.opensuse.security:def:10176	P	Security update for java-1_8_0-openjdk (Important)	2021-11-23
oval:org.opensuse.security:def:10170	P	Security update for qemu (Important)	2021-11-04
oval:org.opensuse.security:def:10154	P	Security update for ghostscript (Critical)	2021-09-15
oval:org.opensuse.security:def:10148	P	Security update for ffmpeg (Important)	2021-09-02
oval:org.opensuse.security:def:10140	P	Security update for java-1_8_0-openjdk (Important)	2021-08-20
oval:org.opensuse.security:def:14959	P	libXi6-1.7.4-18.6.1 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:14937	P	kernel-default-4.12.14-120.1 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:14299	P	libthai-data-0.1.25-4.2 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:13930	P	libmspack0-0.4-14.4 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:14231	P	libgssglue1-0.4-3.76 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:14206	P	libXvnc1-1.6.0-18.11.1 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:14113	P	cups-pk-helper-0.2.5-5.1 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:14094	P	bash-4.3-82.1 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:14076	P	aaa_base-13.2+git20140911.61c1681-36.1 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:14028	P	rsyslog-8.4.0-14.1 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:13960	P	libsrtp1-1.5.2-2.1 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:13938	P	libpango-1_0-0-1.40.1-9.5 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:14286	P	libsmi-0.4.8-18.55 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:14275	P	libpng16-16-1.6.8-14.1 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:11099	P	Security update for fossil (Moderate)	2021-07-17
oval:org.opensuse.security:def:10685	P	Security update for the Linux Kernel (Important)	2021-07-15
oval:org.opensuse.security:def:38799	P	Security update for curl (Moderate)	2021-06-30
oval:org.opensuse.security:def:10112	P	Security update for ovmf (Important)	2021-06-25
oval:org.opensuse.security:def:10278	P	Security update for ucode-intel (Important)	2021-06-10
oval:org.opensuse.security:def:17293	P	python-devel-2.7.13-28.11.2 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:17262	P	libmwaw-0_3-3-0.3.13-7.9.1 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:17205	P	libuuid-devel-2.29.2-2.3 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:17120	P	libgio-fam-2.48.2-10.2 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:17086	P	python-devel-2.7.9-20.6 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:124641	P	php7-devel-7.0.7-50.52.1 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:16349	P	php7-devel-7.0.7-49.1 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:16635	P	php7-devel-7.0.7-50.52.1 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:17219	P	typelib-1_0-EvinceDocument-3_0-3.20.1-5.66 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:17187	P	libid3tag0-0.15.1b-182.58 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:17077	P	libssh4-0.6.3-8.1 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:17041	P	argyllcms-1.6.3-1.179 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:17010	P	lcms-1.19-17.31 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:17288	P	libzmq3-4.0.4-14.1 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:17078	P	libtag1-32bit-1.9.1-1.265 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:17276	P	libraw9-0.15.4-21.1 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:11434	P	pcsc-ccid-1.4.14-1.45 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:11412	P	libvorbis0-1.3.3-8.23 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:10087	P	Security update for polkit (Important)	2021-06-03
oval:org.opensuse.security:def:10263	P	Security update for ceph (Important)	2021-06-02
oval:org.opensuse.security:def:9863	P	Security update for git (Important)	2021-03-09
oval:org.opensuse.security:def:10216	P	Security update for wpa_supplicant (Important)	2021-03-08
oval:org.opensuse.security:def:9855	P	Security update for bind (Important)	2021-03-02
oval:org.opensuse.security:def:10397	P	Security update for salt (Critical)	2021-02-26
oval:org.opensuse.security:def:10163	P	Security update for python-urllib3 (Moderate)	2021-02-08
oval:org.opensuse.security:def:10297	P	Security update for go1.14 (Moderate)	2021-01-26
oval:org.opensuse.security:def:11121	P	Security update for viewvc (Moderate)	2021-01-19
oval:org.opensuse.security:def:17329	P	imobiledevice-tools-1.2.0-7.31 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:17310	P	cyrus-sasl-digestmd5-32bit-2.1.26-8.7.1 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:16826	P	libid3tag-devel-0.15.1b-184.3.1 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:16953	P	procps-devel-3.3.9-11.18.1 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:16868	P	libpng12-compat-devel-1.2.50-19.1 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:16834	P	libjpeg62-devel-62.2.0-31.14.2 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:16948	P	php7-devel-7.0.7-50.85.1 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:10774	P	libplist++-devel on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:10448	P	gnome-shell-devel on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:10453	P	hplip-devel on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:39479	P	Security update for php7 (Important)	2020-12-01
oval:org.opensuse.security:def:39437	P	Security update for python-pip (Moderate)	2020-12-01
oval:org.opensuse.security:def:10610	P	xfig on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:17540	P	Security update for the Linux Kernel (Important)	2020-12-01
oval:org.opensuse.security:def:37937	P	libpcre1-32bit on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:10591	P	python3-devel on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:17528	P	Security update for xfsprogs (Moderate)	2020-12-01
oval:org.opensuse.security:def:10576	P	nut-cgi on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:38639	P	libXRes1 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:10529	P	libpcscspy0 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:38580	P	dosfstools on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:10483	P	libapr1 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:38420	P	mutt on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:10461	P	lib3ds-1-3 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:38330	P	libncurses5-32bit on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:10761	P	libmusicbrainz-devel on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:38272	P	libass5 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:10752	P	libjson-c-devel on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:38170	P	dovecot22 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:10836	P	php7-devel on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:38033	P	policycoreutils on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:10814	P	libxslt-devel on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:37949	P	libpython3_4m1_0 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:38755	P	mutt on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:37938	P	libpcsclite1 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:38727	P	libspice-client-glib-2_0-8 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:38688	P	libjpeg-turbo on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:17974	P	Security update for php7 (Important)	2020-12-01
oval:org.opensuse.security:def:17948	P	Security update for libtasn1 (Moderate)	2020-12-01
oval:org.opensuse.security:def:10012	P	w3m on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:9993	P	squidGuard on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:9978	P	python-requests on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:9931	P	libusbmuxd4 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:18226	P	Security update for php7 (Important)	2020-12-01
oval:org.opensuse.security:def:18200	P	Security update for libapr-util1 (Moderate)	2020-12-01
oval:org.opensuse.security:def:17562	P	Security update for php5 (Important)	2020-12-01
oval:org.opensuse.security:def:17471	P	Security update for perl-DBI (Important)	2020-12-01
oval:org.opensuse.security:def:17439	P	Security update for grub2 (Important)	2020-12-01
oval:com.ubuntu.precise:def:201610162000	V	CVE-2016-10162 on Ubuntu 12.04 LTS (precise) - low.	2017-01-24
oval:com.ubuntu.xenial:def:2016101620000000	V	CVE-2016-10162 on Ubuntu 16.04 LTS (xenial) - low.	2017-01-24
oval:com.ubuntu.trusty:def:201610162000	V	CVE-2016-10162 on Ubuntu 14.04 LTS (trusty) - low.	2017-01-24
oval:com.ubuntu.xenial:def:201610162000	V	CVE-2016-10162 on Ubuntu 16.04 LTS (xenial) - low.	2017-01-24

BACK